Security management in M2M area network

ABSTRACT

The disclosure is related to a machine to machine (M2M) device and a security management method thereof. The M2M device includes an identification circuit. The identification circuit may be configured to encrypt data collected from a sensor with a device identification (ID) of the M2M device and at least one subscriber ID of the identification circuit and to generate a data packet in a predetermined communication standard format by including the encrypted data in a payload of the data packet.

CROSS REFERENCE TO PRIOR APPLICATIONS

The present application claims priority under 35 U.S.C. §119 to KoreanPatent Application No. 10-2012-0121511 (filed on Oct. 30, 2012), whichis hereby incorporated by reference in its entirety.

BACKGROUND

Machine to Machine (M2M) communication is a form of data communicationthat involves one or more entities (e.g., devices) that do notnecessarily require human interaction or intervention in the process ofcommunication. The M2M communication may also be referred to as amachine type communication (MTC) or a machine intelligencecommunication. The M2M communication may extend human-centered internetinfrastructure to a human-to-machine domain and/or a machine-to-machinedomain where information can be sensed and transmitted not by humanbeings but by machines. The M2M communication may be related to aubiquitous technology.

The M2M communication may enable different types of services that arevaluable to an end user. For example, M2M communication services mayinclude smart metering, healthcare monitoring (e.g., patientmonitoring), fleet management and tracking, remote security sensing,smart grid, telemetry, weather monitoring, home automation, and similarapplications.

M2M architecture may include a variety of elements such as M2M devices(e.g., a sensor, an actuator, etc.), M2M area network, M2M communicationnetwork (e.g., a core network), M2M gateway (i.e., a system connectingthe M2M area network and the M2M communication network), and/or an M2Mapplication service server.

The M2M area network is formed by indirect connectivity type M2M devicesand a M2M gateway using typical wireless communication technologies,such as Zigbee, ultra-wideband (UWB), and Bluetooth. In such M2M areanetwork, a malicious device having a certain feature can scan signalstransmitted from a M2M device or a M2M gateway. Based on such scannedsignal, the malicious device can illegally join the M2M area network andcapture personal data of M2M devices.

SUMMARY

This summary is provided to introduce a selection of concepts in asimplified form that is further described below in the DetailedDescription. This summary is not intended to identify key features oressential features of the claimed subject matter, nor is it intended tobe used to limit the scope of the claimed subject matter.

Embodiments of the present invention overcome the above disadvantagesand other disadvantages not described above. Also, the present inventionis not required to overcome the disadvantages described above, and anembodiment of the present invention may not overcome any of the problemsdescribed above.

In accordance with an aspect of the present embodiment, a machine tomachine (M2M) device encrypts data with a device ID and a subscriber IDand generates a data packet in a certain communication standard formatby including the encrypted data in a payload thereof.

In accordance with another aspect of the present embodiment, a M2Mdevice includes an identification circuit containing information on adevice ID and a subscriber ID and is coupled to a M2M area network.

In accordance with at least one embodiment, a security management methodmay be provided for a machine to machine (M2M) device having a universalintegrated circuit card (UICC). The method may include encrypting datacollected by a sensor with a device identification (ID) of the M2Mdevice and at least one subscriber ID of the UICC, generating a datapacket in a predetermined format by including the encrypted data in apayload of the data packet, and transmitting the generated data packetto an associated service server.

Such a method may include sensing the data associated with a target M2Mservice and monitoring operation status of the M2M device and collectinginformation on the monitored operation status. The sensed data may beencrypted with the collected information on the monitored operationstatus.

The encrypting data may include encrypting the data using one of apublic key infrastructure (PKI) and a predetermined hashing function.The predetermined format may be a hypertext transfer protocol secure(HTTPS) format. The M2M device may be an indirect connectivity type M2Mdevice coupled to a Zigbee M2M area network. The at least one subscriberID may include an integrated circuit card identity (ICC ID) and aninternational mobile subscriber identity (IMSI).

The method may further include temporally storing the sensed data andthe information on the monitored operation status in a buffer of aprocessor of the M2M device and storing the generated data packet in amemory of the M2M device.

In accordance with at least one embodiment, a device may include asensor and an identification circuit, and a communication circuit. Thesensor may be configured to collect data associated with a targetservice. The identification circuit may be configured to encrypt thecollected data from the sensor with a device identification (ID) of theM2M device and at least one subscriber ID of the identification circuitand to generate a data packet in a predetermined communication standardformat by including the encrypted data in a payload of the data packet.The communication circuit may be configured to transmit the generateddata packet to an associated service server.

The device may further include a processor configured to monitoroperation status of the M2M device and to collect information on themonitored operation status. In this case, the identification circuit mayencrypt the sensed data with the collected information on the monitoredoperation status. The processor may include a buffer configured totemporally store the sensed data and the information on the monitoredoperation status. The device may include a memory configured to storethe generated data packet.

In accordance with at least one embodiment, a machine to machine (M2M)device coupled to a M2M area network may include a universal integratedcircuit card (UICC). The UICC may be configured to encrypt datacollected by a sensor with a device identification (ID) of the M2Mdevice and at least one subscriber ID of the UICC and to generate a datapacket in a predetermined format by including the encrypted data in apayload of the data packet. Such M2M device may be an indirectconnectivity type M2M device coupled to a M2M gateway through at leastone of a Zigbee network, an ultra-wideband (UWB) network, and aBluetooth network.

The UICC may include a memory configured to store a device ID of the M2Mdevice and at least one subscriber ID including an integrated circuitcard identity (ICC ID) and an international mobile subscriber identity(IMSI). The UICC may include a processor and an interface. The processormay be configured to encrypt the data using one of a public keyinfrastructure (PKI) and a hashing function and to generate the datapacket in a hypertext transfer protocol secure (HTTPS) format. Theinterface may be configured to be coupled to a main processor of the M2Mdevice.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and/or other aspects of the present invention will becomeapparent and more readily appreciated from the following description ofembodiments, taken in conjunction with the accompanying drawings, ofwhich:

FIG. 1 illustrates a machine to machine (M2M) system in accordance withat least one embodiment;

FIG. 2 illustrates a M2M device in accordance with at least oneembodiment;

FIG. 3 illustrates a security management method of a M2M device in a M2Marea network in accordance with at least one embodiment;

FIG. 4 illustrates a data packet in accordance with at least oneembodiment; and

FIG. 5 illustrates a security management method of a M2M device having aUICC in M2M area network in accordance with at least one embodiment.

DESCRIPTION OF EMBODIMENTS

Reference will now be made in detail to embodiments of the presentinvention, examples of which are illustrated in the accompanyingdrawings, wherein like reference numerals refer to like elementsthroughout. The embodiments are described below, in order to explain thepresent invention by referring to the figures.

In accordance with at least one embodiment, a machine to machine (M2M)device and a security management method thereof are provided forauthenticating devices and subscribers thereof in a M2M area network andfor securing data in the device. Particularly, a M2M device (e.g.,indirect connectivity type M2M device) is equipped with anidentification circuit (e.g., universal integrity circuit card). Such aM2M device encrypts data with a device ID of the M2M device and asubscriber ID of the identification circuit (e.g., UICC) and generates adata packet in a certain communication standard (e.g., hypertexttransfer protocol secure: HTTPS) by including the encrypted data in apayload of the data packet.

Such a M2M device may be an indirect connectivity type M2M devicecoupled to a Zigbee network as a M2M area network and include a UICC forcontaining information on a device ID and a subscriber ID. Hereinafter,such a M2M device and a security management method thereof will bedescribed based on a M2M system shown in FIG. 1 as follows.

FIG. 1 illustrates a machine to machine (M2M) system in accordance withat least one embodiment.

Referring to FIG. 1, M2M system 1000 may capture events generated in M2Mdevices and collect data from M2M devices coupled through communicationnetworks, covert information on the captured events and the collecteddata into meaningful information, analyze the information, and provide apredetermined service to end users based on the analysis result of themeaningful information. Such predetermined service may be providedwithout human intervention using M2M communication technologies. M2Msystem 1000 may be specified in M2M international standards (e.g.,European telecommunications stands institute (ETSI) technicalspecification (TS) 102 690). For example, M2M system 1000 may includeM2M application server 100, network management server 200, M2M servicecapabilities 300, core network 400, access network 500, at least one ofM2M devices 600-1 to 600-3, M2M gateway 700, and M2M area network 800.Such constituent elements of M2M system 1000 may be divided into anapplication domain, a network domain, and a device and gateway domain.The application domain may include M2M application server 100 and M2Mnetwork management server 200. The network domain may include M2Mservice capabilities 300, core network 400, and access network 500. Thedevice and gateway domain may include at least one of M2M devices 600-1to 600-3, M2M gateway 600, and M2M area network 800.

M2M application server 100 may perform predetermined service logics anduse M2M service capabilities. For example, M2M application server 100may receive information from M2M devices 600-1 to 600-3 throughcommunication networks (e.g., core network 400 and access network 500),analyze the received information, and provide predetermined M2M serviceto end users based on the analysis result. The received information maybe information on generated events, measured or sensed data at M2Mdevices 600-1 to 600-3. M2M application server 100 may process suchreceived information by specific business processing engines in order toconvert the received information to meaningful information. Based onsuch processed information, M2M application server 100 may performvarious types of operations to provide certain M2M services.Furthermore, M2M application server 100 manages connection to M2Mdevices 600-1 to 600-3 through wired/wireless networks.

M2M network management server 200 may include functions and performoperations for managing core network 400 and access network 400. Forexample, M2M network management server 200 performs networkconfiguration management, provisioning, supervision, subscribermanagement, and fault management. In addition, M2M network managementserver 200 may perform security management required in M2M service. M2Mnetwork management server 200 may include M2M management functionsrequired to manage M2M service capabilities 300 in the network domain.

As described, the network domain includes M2M service capabilities 300,core network 400, and access network 500. The network domain connectsthe application domain and with the device and gateway domain. That is,access network 500 and core network 400 may be a transport network fordata communication between the application domain and the device andgateway domain. M2M service capabilities 300 may form the interfacebetween M2M application server 100 and communication networks (e.g.,core network 300 and access network 400). M2M service capabilities 300may provide M2M functions that are to be shared by differentapplications and use core network functionalities.

Access network 500 allows the M2M device and gateway domain tocommunicate with core network 400. Access network 500 includes varioustypes of wired or wireless access networks. Access network 500 includesa wideband code division multiple access (WCDMA) network, a worldwideinteroperability for microwave access (WiMAX) network, wireless fidelity(WiFi) network, a long term revolution (LTE) network, x digitalsubscriber line (xDSL) network, hybrid fiber-coaxial (HFC) network, asatellite network, a global system for mobile communication (GSM) edgeradio access network (GERAN), a universal terrestrial radio accessnetwork (UTRAN), and an evolved universal terrestrial radio accessnetwork (E-UTRAN), and a wireless local area network (W-LAN), but thepresent invention is not limited thereto. Access network 500 performssecurity management functions for security between M2M devices andaccess network 500.

Core network 400 may provide IP connectivity at a minimum andpotentially other connectivity means, service and network controlfunctions, interconnection with other networks, roaming, and so forth.Core network 400 may include a public switched telephone network (PSTN),an integrated services for digital network (ISDN), international mobiletelecommunications (IMT)-2000, a wired area network (WAN), a local areanetwork (LAN), a cable television (CATV), third generation partnershipproject core networks (3GPP-CNs), an European telecommunicationsstandards institute telecommunication & internet converged service &protocols for advanced networks core network (ETSI TISPAN CN), and a3GPP2 CN.

The device and gateway domain is coupled to the application domain(e.g., application server 100) through the network domain. Such a deviceand gateway domain includes M2M devices 600-1 to 600-3, M2M area network800, and M2M gateway 700. M2M devices 600-1 to 600-3 might be a devicethat runs M2M applications using M2M service capabilities.

M2M devices 600-1 to 600-3 capture predetermined events, measure orsense data and provide information on the captured events and themeasured or sensed data to M2M application server 100 through accessnetwork 500 and core network 400. Such M2M devices 600-1 to 600-3 may beclassified into a direct connectivity type M2M device and an indirectconnectivity type M2M device based on manners of connection to thenetwork domain.

The direct connectivity type M2M device (e.g., M2M device 600-1)connects to the network domain through access network 500. The directconnectivity type M2M device performs procedures such as registration,authentication, authorization, management, and provisioning with thenetwork domain. The direct connectivity type M2M device may provideservice to other devices (e.g., legacy) connected to it that are hiddenfrom the network domain.

The indirect connectivity type M2M device (e.g., M2M devices 600-2 or600-3) connects to the network domain via M2M gateway 700 and connectsto M2M gateway 700 using M2M area network 800. M2M gateway 700 acts as aproxy for the network domain towards M2M devices 600-2 and 600-3 thatare connected to it. The indirect connectivity type M2M device performsauthentication, authorization, management, and provisioning. Suchindirect connectivity type M2M device may be a remote device (e.g., ahealthcare device), an off-line payment device (e.g., point of sale(POS) terminal) for accepting a payment made through a payment cardincluding a smart card, or a mobile payment device (e.g., a smartphone). Particularly, the indirect connectivity type M2M device may notinclude M2M capabilities.

M2M area network 800 provides connectivity between indirect connectivitytype M2M devices 600-2 and 600-3 and M2M gateway 700. M2M area network800 also provides such connectivity not only to M2M devices compliant toETSI M2M but also to a device noncompliant to ETSI M2M. That is, atypical device, not running M2M applications using M2M capabilities, canbe coupled to M2M area network 800. For example, M2M area network 800provides connectivity between a typical device and M2M gateway 700 aswell as connectivity between indirect connectivity type M2M devices600-2 and 600-3 and M2M gateway 700. M2M area network 800 independentlyperforms network configuration, data communication, management, andmaintenance. M2M area network 800 includes a personal area network (PAN)and a local network. For example, the PAN includes communicationnetworks using technologies such as IEEE 802.15.1, Zigbee, Bluetooth,RFID, IETF ROLL, ISA 100.11a, and so forth. Or, the local networksinclude communication networks using technologies such as PLC, M-BUS,Wireless M-BUS, KNX, and so forth. Furthermore, M2M area network 800 mayinclude communication network for vehicle, such as controller areanetwork (CAN), local interconnect network (LIN), and FlexRay. M2M arenetwork 800 may also include a building automation and control network(BACnet), as a building automation network, and a consumer electronicbus (CEBus) and LonTalk, as a home automation network.

In order to expand a M2M network, a M2M system accepts such local areanetworks as M2M area network. M2M area network 800 might be a differenttype of a network as compared to the network domain including corenetwork 400 and access network 500. Accordingly, communication betweenM2M area network 800 and the network domain may be communication betweenheterogeneous networks.

M2M gateway 700 is a gateway that runs M2M applications using M2Mservice capabilities. M2M gateway 700 acts as a proxy between M2Mdevices and the network domain. For example, M2M gateway 700 connectsindirect connectivity type M2M devices 600-2 and 600-3 to access network500 through M2M area network 800. M2M gateway 700 includes M2M servicecapabilities and M2M functions.

Such M2M gateway 700 may provide service to other devices (e.g., legacy)connected to it that are hidden from the network domain. For example,M2M gateway 700 may run an application that collects and treats variousinformation (e.g., from sensors and contextual parameters). That is, M2Mgateway 700 collects information from indirect connectivity type M2Mdevices 600-2 and 600-3. The collected information may includeinformation on operation states of M2M devices 600-2 and 600-3,information on events captured by M2M devices 600-2 and 600-3, and datameasured or sensed by M2M devices 600-2 and 600-3. For example, thecollected information may be information on a payment made by a consumerusing a predetermined payment card when M2M device 600-2 or 600-3 is apayment terminal (e.g., POS terminal). Such payment information mayinclude information on the payment card, a purchase, and authenticationdata for payment.

As described, in order to provide a M2M service, M2M devices 600-1 to600-3 and M2M gateway 700 may provide data collection and reportcapability, remote control capability, group communication capability,one-to-one communication capability, transaction processing capability,application enablement (DAE) capability, generic communication (DGC)capability, reach-ability, addressing and repository capability,communication selection capacity, remote entity management capability,security capability, history and data retention capability, transactionmanagement capability, interworking proxy capability, and compensationbrokerage capability.

As described, M2M communication is about communication between twomachines. Accordingly, M2M communication requires security capabilitiesfor authenticating devices in an associated network and for protectingdata of each device. Particularly, for M2M device security, M2Mcommunication requires data confidentiality, data integrity, gateway andserver authentication, privacy, and traceability. For M2M gatewaysecurity, M2M communication requires data integrity, dataconfidentiality, system usability, and device and server authentication.For access network security, M2M communication requires dataconfidentiality, data integrity, and device and gateway authentication.

In order to protect data of M2M devices and authenticate M2M devices,the network domain includes network security capability and the M2Mdevice and gateway domain includes device security capability andgateway security capability. The network security capability of thenetwork domain i) supports M2M service bootstrap, ii) supports keyhierarchy realization for authentication and authorization, iii)performs mutual authentication and key agreement, and iv) verifies theintegrity validation status reported by M2M devices and M2M gateway andtrigger appropriate post validation actions. The device securitycapability performs data integrity procedures for preventing datamodification in data transmission. For example, the device securitycapability i) supports M2M service bootstrap, ii) supports key hierarchyrealization for authentication and authorization, iii) initiates mutualauthentication and key agreement, and iv) report the integrityvalidation status to the NSEC and react to post validation actionstriggered by network security capability (NSEC). The gateway securitycapability i) supports M2M service bootstrap, ii) support key hierarchyrealization for authentication and authorization, iii) initiates mutualauthentication and key agreement, iv) reports the integrity validationstatus to the NSEC and reacts to post validation actions triggered byNSEC, v) is responsible for the storage and handling of M2M connectionkeys

As described, M2M area network 800 may be formed by indirectconnectivity type M2M devices 600-2 and 600-3 and M2M gateway 700 usingtypical wireless communication technologies, such as Zigbee,ultra-wideband (UWB), and Bluetooth. In such M2M area network 800, amalicious device having a certain feature can scan signals transmittedfrom a M2M device or a M2M gateway. Based on such scanned signal, themalicious device can illegally join M2M area network 800. That is, themalicious device can illegally capture personal data of M2M devices orthe measured or sensed data of M2M devices in M2M area network 800.Furthermore, the malicious device can modify the illegally captureddata. Accordingly, it is necessary to authenticate such illegalmalicious devices, to protect such personal data and measured/senseddata of a M2M device from illegal data capture and modification, and tolimit access rights in M2M communication, especially in M2M area network800.

In order to secure data of M2M devices (e.g., 600-2 and 600-3) in M2Marea network (e.g., 800), a M2M device encrypts sensed/measured data andgenerates a data packet in a predetermined communication standard formatby including the encrypted data in a payload thereof in accordance withat least one embodiment. Furthermore, such a M2M device encrypts adevice ID and a subscriber ID with the sensed/measured data for deviceand subscriber authentication. In order to encrypt such data, a M2Mdevice includes a universal integrated circuit card (UICC) in accordancewith at least one embodiment. Hereinafter, such a M2M device in a M2Marea network will be described in detail with reference to FIG. 2. Forconvenience and ease of understanding, the M2M device in accordance withat least one embodiment will be described as an indirect connectivitytype M2M device coupled in a M2M area network, but the present inventionis not limited thereto. The configuration of the M2M device inaccordance with at least one embodiment can be applied to any devicethat collects data associated with a target service and provides thecollected data to an associated service server as well as a directconnectivity type M2M device.

FIG. 2 illustrates a M2M device in accordance with at least oneembodiment.

Referring to FIG. 2, M2M device 600 includes communication circuit 610,battery 620, processor 630, memory 640, identification circuit 650,sensor 660, and antenna 670. As described, M2M device 600 securespersonal data and/or measured/sensed data from malicious attacks in M2Marea network 800. For example, M2M device 600 may be an indirectconnectivity type M2M device coupled in a Zigbee network. Particularly,M2M device 600 includes identification circuit 650 for storinginformation on a device ID and a subscriber ID and for encrypting dataand generating a data packet in a certain communication standards format(e.g., hypertext transfer protocol secure: HTTPS) by including theencrypted data in a payload in accordance with at least one embodiment.Hereinafter, the constituent elements of M2M device 600 will bedescribed in detail.

Communication circuit 610 transmits data to other entities or receivesdata from other entities trough communication networks including corenetwork 400, access network 500, and M2M area network 800. Communicationcircuit 610 is coupled to antenna 670 for transmitting and receivingdata. Particularly, communication circuit 610 transmits encryptedinformation to an external server (e.g., M2M application server 100) viaantenna 670. The encrypted information may include information on eventscaptured in M2M device 600, measured or sensed data by sensor 660, andoperation status (e.g., a battery level) of M2M device 600. Furthermore,communication circuit 610 receives data from other entities including anexternal server (e.g., M2M application server 100) and other M2M devicesand M2M gateway 700 and outputs the received data to processor 630.

Processor 630 controls constituent elements of M2M device 600 ingeneral. Processor 630 includes buffer 631 for temporally storinginformation obtained from sensor 660. Processor 630 is coupled toidentification circuit 650 and sensor 660.

Memory 640 stores information associated with M2M device 600, forexample, an operating system, applications, data collected throughsensor 660, operation results, operation status obtained fromconstituent elements such as battery 620, and so forth. Memory 640 maybe a nonvolatile memory coupled to processor 630. Such memory 640temporally stores information, which is sensed from sensor 660 andencrypted by identification circuit 650. The information includes notonly the sensed data but also information on events generated orindicated in M2M device 600, monitored operation status of predeterminedconstituent elements of M2M device 600, environmental data collectedfrom peripheral area, and so forth.

Although memory 640 is illustrated as a memory externally installed fromprocessor 630, the present invention is not limited thereto. Memory 640may be an internal memory included in processor 630. Since processor 630has been miniaturized, M2M devices are often equipped with an externalmemory for larger storage capacity.

Sensor 660 senses predetermined events and collects information thereofaccording to a usage purpose of M2M device 600 or a M2M serviceassociated with M2M device 600. That is, according to the associated M2Mservice or the usage purpose, sensor 660 may collect different type ofinformation. For example, sensor 660 may be a thermometer, a hygrometer,or a barometer for measuring temperature, humidity, or atmosphericpressure of peripheral environment around M2M device 600. Sensor 660 maybe a meter for measuring an amount of gas usage, electricity usage, orwater usage. Furthermore, sensor 660 collects information on eventscaptured or indicated by M2M device 600. For example, sensor 660 may bea motion sensor to capture motions around M2M device 600. Sensor 660 maybe a healthcare sensor for measuring body temperature, for measuringpulses, or for sounding alarm when body temperature drops below acertain degree. Sensor 660 may be a credit card reader for readinginformation on a credit card. Sensor 660 may be a radio-frequencyidentification (RFID) reader, a bar-code reader, a quick response (QR)code reader, or so forth.

As described, sensor 660 collects predetermined information andtransfers the collected information to processor 630 or identificationcircuit 650 or stores the collected information in memory 640.

Identification circuit 650 is a circuit storing various types ofinformation for authenticating a use right of M2M device 600 and ensuresthe integrity and security of data in M2M device 600. For example,identification circuit 650 may store information on a device ID and asubscriber ID of M2M device 600, which are used for provisioning. Suchidentification circuit 650 may include a user identity module (UIM), asubscriber identity module (SIM), and a universal subscriber identitymodule (USIM). Particularly, identification circuit 650 may be realizedas a smart card, a chip card, an integrated circuit card (ICC), or auniversal integrated circuit card (UICC). That is, identification module650 is a UICC attached to M2M device 600 in accordance with at least oneembodiment.

In accordance with at least one embodiment, identification circuit 650receives information collected by sensor 660 from processor 630,encrypts the received information, generates a data packet in apredetermined communication standard format by including the encryptedinformation in a payload thereof, and stores the generated data packet.Such identification circuit 650 includes central processing unit (CPU)651, memory 652, and interface 653.

Memory 652 may store information on a device ID and a subscriber ID ofM2M device 600. For example, the device ID is a unique identificationassigned to M2M device 600. Based on such a device ID, M2M device 600may be determined as whether it is registered or not. When M2M device600 is registered at M2M server 100, M2M server 100 stores informationon the device ID of M2M device 600 for device authentication. The deviceID may be generated and assigned by a manufacturer of a M2M device.Alternatively, a multiple access control (MAC) address may be used as adevice ID. In case of an android type device, an application ID (APP ID)may be used as a device ID.

Furthermore, the device ID may include information necessary for joininga target network. For example, the device ID includes information on adestination, a source, and an ID. Such a device ID may be a PAN ID or anetwork ID.

Memory 652 also stores information on an integrated circuit cardidentity (ICC ID) and an international mobile subscriber identity(IMSI), as the subscriber ID. The ICC ID is a unique ID ofidentification circuit 650 (e.g., UICC). Based on the ICC ID, anidentification circuit of M2M device 600 can be determined as whether itis registered or unregistered. A telecommunication service providerassigns a unique ICC ID to each subscriber (e.g., a universal subscriberidentity module (USIM), a software application for UMTS mobiletelephony, which runs on a UICC).

Based on the IMSI, a subscriber of M2M device 600 can be determined aswhether it is a registered subscriber or not. The IMSI is globally aunique identification associated with al cellular network. For example,the IMSI may be a telephone number assigned to a subscriber of acellular network. The IMSI is configured of a public land mobile network(PLMN) identification and a mobile subscription identification number(MSIN). With the PLMN ID, a service provider can be identified. The MSINis a telephone number for identifying a subscriber.

Interface 653 provides connection between identification circuit 650 andother constituent elements such as processor 630 and communicationcircuit 610. That is, interface 653 may be input/output circuits ofidentification circuit 650.

CPU 651 of identification circuit 650 receives information fromprocessor 630 through interface 653 and encrypts the receivedinformation with the device ID and the subscriber ID stored in memory652 in accordance with at least one embodiment. The received informationincludes data sensed or measured by sensor 660, information on eventsgenerated in M2M device 600, operation status of predeterminedconstituent elements of M2M device 600, environmental data collectedfrom peripheral area, and so forth. Furthermore, CPU 651 uses apredetermined key used in provisioning of M2M device 600 in order toencrypt the received information. For example, CPU 651 uses a public keyinfrastructure (PKI) used in provisioning of identification circuit 650or use a hashing function used for converting a key value to an addressof a predetermined memory sector for storing information.

CPU 651 generates a data packet by including the encrypted informationin a payload thereof in a predetermined communication standard format,such as a HTTPS, in accordance with at least one embodiment.Furthermore, CPU 651 stores the generated data packet in memory 640.

In addition, CPU 651 may include a Java Platform, a universal subscriberidentity module (USIM) applet, a smart card web server (SCWS), adatabase management system (DBMS), a database (DB), and a gateway.Interface 653 includes an IC-USB port and an ISO-7816 port.

The smart card web server (SCWS) may provide remote management ofservices (e.g., applet) and contents, security management for supportingHTTPS, authentication management for a PKI authentication procedure, andcomparability for exchanging data according to HTTPS regardless of aplatform when data is transmitted to an external entity. Accordingly,the smart card web server improves efficiency of a M2M network systemcoupled to various types of platforms in various types of equipment. Thesmart card web server may also enable monitoring M2M device 600 in realtime when there is attempting for breaking M2M device 600 down. That is,the smart card web server provides convenience in providing network logdata.

The DB and the DBMS may manage the encrypted data stored in externalmemory 640. Such a DB may be stored in memory 652 of identificationcircuit 650. The DB includes indexes of data packets stored in memory640. Since the DB is included in identification circuit 650 although theencrypted data stored in external memory 640, data security becomes moreenhanced. For example, in response to a request of transmitting specificdata from a service server, the requested data is searched and fetchedfrom memory 640 based on an index of the requested data, which is storedin the DB. The fetched data is transmitted to the service server.Particularly, the DB, the DBMS, and the SCWS enable a service server toaccess a desired M2M device and to retrieve one of data packets storedin a memory thereof. Since it does not require decoding the requesteddata (e.g., encrypted data with a device ID and a subscriber ID), therequested data can be retrieved and transmitted to the service serverquicker. Furthermore, instead of receiving a request from a serviceserver, a group of data packets stored in memory 640 might betransmitted to application server 100 at a regular interval or upon thegeneration of predetermined event.

CPU 651 of identification circuit 650 was described as encrypting theinformation and generating the data packet by including the encryptedinformation in a payload thereof, but the present invention is notlimited thereto. Processor 630 of M2M device 600 may perform the sameinstead of CPU 651 of identification circuit 650.

As described, M2M device 600 encrypts sensed or measured data with adevice ID and a subscriber ID and generates a data packet by includingthe encrypted data in a payload thereof M2M device 600 stores thegenerated data packet in memory 640 and transmits the stored data packetto M2M application server 100 in response a request thereof inaccordance with at least one embodiment. Hereinafter, such operation ofM2M device 600 will be described with reference to FIG. 3.

FIG. 3 illustrates a security management method of a M2M device in a M2Marea network in accordance with at least one embodiment.

Referring to FIG. 3, M2M device 600 performs provisioning at step S3010.For example, as provisioning, M2M device 600 performs a registrationprocedure at M2M application server 100 for a predetermined M2M service.That is, M2M device 600 may register a device ID and a subscriber IDthereof at M2M application server 100 for the predetermined M2M service.For example, the device ID may be a unique hardware ID, a MAC addressassigned to M2M device 600, and an App ID of an android terminal. Thesubscriber ID may include an integrated circuit card identity (ICC ID)and an international mobile subscriber identity (IMSI) of identificationcircuit 650 (e.g., UICC).

At step S3020, M2M device 600 collects predetermined data and temporallystores the collected data. For example, various types of M2M devices aredeployed around target areas for collecting predetermined informationfrom peripheral environment, information on events generated at orindicated by M2M devices, and information from other entities. M2Mdevices may measure temperature, humidity, air pressure, an amount ofelectricity usage, an amount of gas usage, an amount of water usage,body temperature, blood pressure, and so forth. Furthermore, a M2Mdevice reads information on a credit card for making a payment of apurchase.

Such sensed or measured data may be stored in a temporal storage (e.g.,buffer 631) of M2M device 600, before storing the collected data inmemory 640. M2M device 600 collects such data at a predetermined regularinterval or upon a predetermined event. The predetermined event may bethe receipt of a predetermined signal from other entity and thegeneration of payment transaction.

For example, upon the generation of a predetermined event, M2M device600 collects information on the generated event. Or, M2M device 600 mayreceive information related to the predetermined event from a user. Forexample, when the predetermined event is making a payment using apayment card, M2M device 600 may receive information related to thepayment, such as a payment method (e.g., a payment card type), a price,a purchase, a consumer, and a merchant. When M2M device 600 is a mobilepayment terminal (e.g., smart phone), M2M device 600 might obtaininformation on a payment method (e.g., a credit card) directly from aconsumer or M2M device 600 might read such information from a creditcard of a consumer using a credit card reader as sensor 660. Such amethod of obtaining information might be embodied in various ways andwell known in the art. The detailed description thereof is omittedherein.

At step S3030, M2M device 600 monitors operation status at a regularinterval or upon the generation of a predetermined event and storesinformation on the monitoring result. Such monitoring operation stepS3030 is described as an independent operation step from the datacollection operation step S3020, but the present invention is notlimited thereto. For example, the monitoring operation step S3030 isperformed simultaneously with the data collection operation step S3020.

M2M device 600 regularly monitors operation status thereof. Theoperation status may be a remaining battery level or errors generatedduring communication. Such monitoring information may be collected at apredetermined regular period or upon the generation of a predeterminedevent. The predetermined event might be the initiation of certainoperation. Such predetermined event might be set by a user or anoperator. Such monitoring information (e.g., the remaining batterylevel) may be used for analyzing a malfunction statue of each M2M deviceand for dealing with the malfunction statue of each M2M device.

At step S3040, M2M device 200 obtains a device ID and a subscriber ID.The device ID is obtained for device authentication and the subscriberID is obtained for subscriber authentication. For example, M2M device600 obtains a device ID and a subscriber ID from identification circuit650. As the subscriber ID, M2M device 600 obtains an ICC ID and an IMSIfrom a UICC equipped as identification circuit 650.

At step S3050, M2M device 600 encrypts the sensed or measured data, theinformation on the operation status, and the obtained device ID andsubscriber ID. For example, M2M device 600 may use various types ofmethods for encoding the generated packet. For example, M2M device 600uses an encryption key used in provisioning of M2M device 600.Particularly, M2M device 600 uses a public key infrastructure (PKI) usedin provisioning of identification circuit 650 for encryption.Furthermore, M2M device 600 may uses a hashing function used forconverting a key value to an address of a predetermined memory sectorfor storing information.

At step S3060, M2M device 600 generates a data packet in a predeterminedcommunication standard format by including the encrypted data in apayload thereof. For example, M2M device 600 generates the data packetin a hypertext transfer protocol secure (HTTPS) format, which is acommunications protocol for secure communication over a computernetwork.

At step S3070, M2M device 600 stores the generated data packet in memory640. M2M device 600 stores the data packet generated in a predeterminedcommunication standard format in memory 640 for enhancing data securityin M2M device 600. As described, the generated data packet is stored inmemory 640 and an index thereof is stored in a database (e.g. memory652) in identification circuit 650. In this way, a specific data packetcan be retrieved based on an index thereof without deciding a payloadthereof in response to a request from application server 100.

Although the generated data packet is described as being stored inmemory 640, the present invention is not limited thereto. The generateddata packet may be transmitted to a predetermined server without storingthem in memory 640.

At step S3080, M2M device 600 transmits the stored data packet to anexternal server (not shown) upon the generation of a predeterminedevent. For example, M2M device 600 may transmit the data packet to theexternal server regularly. Or, M2M device 600 may transmit the datapacket in response to a request from the external server.

As described, M2M device 600 generates a single data packet in a HTTPSformat by including the encrypted data with the device ID and thesubscriber ID in the payload thereof, in accordance with at least oneembodiment. Such single data packet will be described in detail withreference to FIG. 4.

FIG. 4 illustrates a data packet in accordance with at least oneembodiment.

Referring to FIG. 4, M2M device 600 generates single data packet 900 inthe HTTPS format. Such generated single data packet 900 includes HTTPSheader 9200 and HTTPS payload 9100.

HTTPS payload 9100 includes secured data payload 9110 and block checkcode (BCC) 9120. Secured data payload 9110 is a region for containingthe encrypted data with the device ID and the subscriber ID. Suchsecured data payload 9110 also contains information on operation statusand peripheral environment, as described. BCC 9120 includes a blockcheck code for checking error generation during data transmission.

Particularly, secured data payload 9110 includes a device ID foridentifying a M2M device (e.g., device authentication or authorization),a subscriber ID for identifying a subscriber or an identificationcircuit (e.g., subscriber authentication or authorization), thecollected data, the monitoring information on operation status, and theinformation on peripheral environment. Such secured data payload 9110 isencrypted through a predetermined encryption process in accordance withat least one embodiment.

For example, secured data payload 9110 may include ICC ID 9111, IMSI9112, device ID 9113, sensed or measured data 9114, and information onoperation status 9115. Sensed or measured data 9114 may includeinformation on a time of sensing or measuring data 9114-1 and the sensedor measured data 9114-2. The information on operation status 9115includes battery data 9115-1, environmental information 9115-2, andreserved 9115-3. When a M2M device does not include a battery, batterydata 9115-1 contains a predetermined number, such as 0XFFF.

As described, an indirect connectivity type M2M device in a M2M areanetwork includes a UICC as an identification circuit for enhancingsecurity management in a M2M area network in accordance with at leastone embodiment. Hereinafter, such security management in a M2M areanetwork will be described based on a M2M device equipped with a UICC asan identification circuit with reference to FIG. 5.

FIG. 5 illustrates a security management method of a M2M device having aUICC in M2M area network in accordance with at least one embodiment.

Referring to FIG. 5, sensor 660 of M2M device 600 collects dataassociated with a target M2M service at step S5010. Processor 630 of M2Mdevice 600 temporally stores the collected data in buffer 631 at stepS5020. Processor 630 obtains the stored data from buffer 631 andtransfers the obtained data to UICC 650 at step S5030.

At step S5040, UICC 650 receives the sensed data through interface 653and obtains a device ID, an ICC ID, and an IMSI from memory 652. At stepS5050, CPU 651 of UICC 650 encrypts the sensed data with the device ID,the ICC ID, and the IMSI using a public key infrastructure (PKI) used inprovisioning of UICC 650 or a hashing function used for converting a keyvalue to an address of a predetermined memory sector for storinginformation.

At step S5060, CPU 651 of UICC 650 generates a data packet in a HTTPSformat by including the encrypted data in a payload thereof. At stepS5070, memory 640 of M2M device 600 stores the generated data packet. Atstep S5080, processor 630 of M2M device 600 fetches the data packetstored in memory 640 upon the generation of a certain event. At stepS5090, processor 630 transmits the fetched data packet to an externalserver (not shown) through communication circuit 610.

Reference herein to “one embodiment” or “an embodiment” means that aparticular feature, structure, or characteristic described in connectionwith the embodiment can be included in at least one embodiment of theinvention. The appearances of the phrase “in one embodiment” in variousplaces in the specification are not necessarily all referring to thesame embodiment, nor are separate or alternative embodiments necessarilymutually exclusive of other embodiments. The same applies to the term“implementation.”

As used in this application, the word “exemplary” is used herein to meanserving as an example, instance, or illustration. Any aspect or designdescribed herein as “exemplary” is not necessarily to be construed aspreferred or advantageous over other aspects or designs. Rather, use ofthe word exemplary is intended to present concepts in a concretefashion.

Additionally, the term “or” is intended to mean an inclusive “or” ratherthan an exclusive “or”. That is, unless specified otherwise, or clearfrom context, “X employs A or B” is intended to mean any of the naturalinclusive permutations. That is, if X employs A; X employs B; or Xemploys both A and B, then “X employs A or B” is satisfied under any ofthe foregoing instances. In addition, the articles “a” and “an” as usedin this application and the appended claims should generally beconstrued to mean “one or more” unless specified otherwise or clear fromcontext to be directed to a singular form.

Moreover, the terms “system,” “component,” “module,” “interface,”,“model” or the like are generally intended to refer to acomputer-related entity, either hardware, a combination of hardware andsoftware, software, or software in execution. For example, a componentmay be, but is not limited to being, a process running on a processor, aprocessor, an object, an executable, a thread of execution, a program,and/or a computer. By way of illustration, both an application runningon a controller and the controller can be a component. One or morecomponents may reside within a process and/or thread of execution and acomponent may be localized on one computer and/or distributed betweentwo or more computers.

The present invention can be embodied in the form of methods andapparatuses for practicing those methods. The present invention can alsobe embodied in the form of program code embodied in tangible media,non-transitory media, such as magnetic recording media, opticalrecording media, solid state memory, floppy diskettes, CD-ROMs, harddrives, or any other machine-readable storage medium, wherein, when theprogram code is loaded into and executed by a machine, such as acomputer, the machine becomes an apparatus for practicing the invention.The present invention can also be embodied in the form of program code,for example, whether stored in a storage medium, loaded into and/orexecuted by a machine, or transmitted over some transmission medium orcarrier, such as over electrical wiring or cabling, through fiberoptics, or via electromagnetic radiation, wherein, when the program codeis loaded into and executed by a machine, such as a computer, themachine becomes an apparatus for practicing the invention. Whenimplemented on a general-purpose processor, the program code segmentscombine with the processor to provide a unique device that operatesanalogously to specific logic circuits. The present invention can alsobe embodied in the form of a bitstream or other sequence of signalvalues electrically or optically transmitted through a medium, storedmagnetic-field variations in a magnetic recording medium, etc.,generated using a method and/or an apparatus of the present invention.

It should be understood that the steps of the exemplary methods setforth herein are not necessarily required to be performed in the orderdescribed, and the order of the steps of such methods should beunderstood to be merely exemplary. Likewise, additional steps may beincluded in such methods, and certain steps may be omitted or combined,in methods consistent with various embodiments of the present invention.

As used herein in reference to an element and a standard, the term“compatible” means that the element communicates with other elements ina manner wholly or partially specified by the standard, and would berecognized by other elements as sufficiently capable of communicatingwith the other elements in the manner specified by the standard. Thecompatible element does not need to operate internally in a mannerspecified by the standard.

No claim element herein is to be construed under the provisions of 35U.S.C. §112, sixth paragraph, unless the element is expressly recitedusing the phrase “means for” or “step for.”

Although embodiments of the present invention have been describedherein, it should be understood that the foregoing embodiments andadvantages are merely examples and are not to be construed as limitingthe present invention or the scope of the claims. Numerous othermodifications and embodiments can be devised by those skilled in the artthat will fall within the spirit and scope of the principles of thisdisclosure, and the present teaching can also be readily applied toother types of apparatuses. More particularly, various variations andmodifications are possible in the component parts and/or arrangements ofthe subject combination arrangement within the scope of the disclosure,the drawings and the appended claims. In addition to variations andmodifications in the component parts and/or arrangements, alternativeuses will also be apparent to those skilled in the art.

What is claimed is:
 1. A method of security management in a machine tomachine (M2M) device having a communication circuit configured totransmits data to other entities and receive data from other entitiesthrough communication networks including a core network, an accessnetwork, and a M2M network, a processor configured to controlconstituent elements of the M2M device, a memory configured to storeinformation associated with the M2M device, a sensor configured to sensepredetermined events and collect information associated with the sensedevents, and a universal integrated circuit card (UICC) configured tostore various type of information for authenticating a use of the M2Mdevice, the method comprising: sensing, by the sensor, data associatedwith a target M2M service provided through the M2M device; monitoring,by the processor, operation status of the M2M device and collectinginformation on the monitored operation status; encrypting, by the UICC,the sensed data with a device identification (ID) of the M2M device, atleast one subscriber ID of the UICC, and the collected information onthe monitored status; generating, by the UICC, a data packet in apredetermined format by including the encrypted data in a payload of thedata packet; and transmitting, by the communication circuit, thegenerated data packet to an associated service server through acommunication network.
 2. The method of claim 1, wherein the encryptingdata comprises: encrypting, by the UICC, the data using one of a publickey infrastructure (PKI) and a predetermined hashing function.
 3. Themethod of claim 1, wherein the predetermined format is a hypertexttransfer protocol secure (HTTPS) format.
 4. The method of claim 1,wherein the M2M device is an indirect connectivity type M2M devicecoupled to a Zigbee M2M area network.
 5. The method of claim 1, whereinthe at least one subscriber ID includes an integrated circuit cardidentity (ICC ID) and an international mobile subscriber identity(IMSI).
 6. The method of claim 1, comprising: temporally storing thesensed data and the information on the monitored operation status in abuffer of a processor of the M2M device; and storing the generated datapacket in a memory of the M2M device.
 7. A device comprising: a sensorconfigured to collect data associated with a target service providedthrough the device; a processor configured to monitor operation statusof the device and to collect information on the monitored operationstatus; an identification circuit configured to receive the sensed datafrom the sensor and the collected information on the monitored operationstatus from the processor, to encrypt the collected data with a deviceidentification (ID) of the device, at least one subscriber ID of theidentification circuit, and the collected information on the monitoredoperation status, and to generate a data packet in a predeterminedcommunication standard format by including the encrypted data in apayload of the data packet; and a communication circuit configured totransmit the generated data packet to an associated service serverthrough communication networks.
 8. The device of claim 7, wherein theidentification circuit is configured to encrypt the data using one of apublic key infrastructure (PKI) used in provisioning of the UICC and ahashing function used to convert a key value to an address of apredetermined memory sector for storing information.
 9. The device ofclaim 7, wherein the identification circuit is configured to generatethe data packet in a hypertext transfer protocol secure (HTTPS) format.10. The device of claim 7, wherein the device is an indirectconnectivity type M2M device coupled to a Zigbee M2M area network. 11.The device of claim 7, wherein the identification circuit is a universalintegrated circuit card (UICC).
 12. The device of claim 7, wherein theat least one subscriber ID includes an integrated circuit card identity(ICC ID) and an international mobile subscriber identity (IMSI).
 13. Thedevice of claim 7, wherein the processor includes a buffer configured totemporally store the sensed data and the information on the monitoredoperation status.
 14. The device of claim 7, comprising a memoryconfigured to store the generated data packet.
 15. A machine to machine(M2M) device coupled to a M2M area network, the M2M device comprising: asensor configured to collect data associated with a target serviceprovided through the M2M device; a processor configured to monitoroperation status of the M2M device and to collect information on themonitored operation status; and a universal integrated circuit card(UICC) configured to encrypt the collected data from the sensor with adevice identification (ID) of the M2M device, at least one subscriber IDof the UICC, and the collected information on the monitored operationstatus from the processor, and to generate a data packet in apredetermined format by including the encrypted data in a payload of thedata packet.
 16. The M2M device of claim 15, wherein the M2M device isan indirect connectivity type M2M device coupled to a M2M gatewaythrough at least one of a Zigbee network, a ultra-wideband (UWB)network, and a Bluetooth network.
 17. The M2M device of claim 15,wherein the UICC includes a memory configured to store a device ID ofthe M2M device and at least one subscriber ID including an integratedcircuit card identity (ICC ID) and an international mobile subscriberidentity (IMSI).
 18. The M2M device of claim 17, wherein the UICCincludes: a central processing unit configured to receive the collecteddata from the sensor and the collected information on the monitoredoperation status from the processor, and to encrypt the data using oneof a public key infrastructure (PKI) and a hashing function and togenerate the data packet in a hypertext transfer protocol secure (HTTPS)format; and an interface configured to be coupled to a main processor ofthe M2M device.